Ubuntu CVE Tracker
Home
Main
Universe
Partner
CVE-2017-5616
Priority
Medium
Description
Cross-site scripting (XSS) vulnerability in cgiemail and cgiecho allows
remote attackers to inject arbitrary web script or HTML via the addendum
parameter.
References
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5616
http://www.openwall.com/lists/oss-security/2017/01/20/6
Bugs
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=852031
Notes
Package
Source:
cgiemail
(
LP
Ubuntu
Debian
)
Upstream:
released
(1.6-37+deb7u1)
Ubuntu 14.04 ESM:
DNE
(trusty was released [1.6-37+deb7u1build0.14.04.1])
Patches:
More Information
Mitre
NVD
Launchpad
Debian
Updated
: 2022-04-13 13:01:12 UTC (commit
f411bd370d482ef4385c4e751d121a4055fbc009
)